Hi Jehanzeb,
thanks for your fast feedback. Yes, we tried the export function, but we need a solution without manual intervention. Wireshark should run permanent 24 hours producing log files. It would be perfect if the files had only the data we need. For smtp this would be per email one line with: timestamp, sender-email, receiver-email, subject, mail-length (bytes) Is this possible with wireshark/tshark? Regards Frank Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Jehanzeb Khan Gesendet: Mittwoch, 26. März 2008 11:28 An: Community support list for Wireshark Betreff: Re: [Wireshark-users] Using Wireshark to store decoded capture files Hi Frank Have you tried exporting (under file menu) the capture file with packet details expanded? Regards Jehanzeb ----- Original Message ---- From: "Brüggemann, Frank" <[EMAIL PROTECTED]> To: wireshark-users@wireshark.org Sent: Wednesday, March 26, 2008 3:18:36 PM Subject: [Wireshark-users] Using Wireshark to store decoded capture files Hello, is there any way to store permanent decoded packets and not the raw data in capture files? We would like to export http and smtp headers in a database for accounting and need a "human readable" format. Thanks Frank
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
